Commit Graph

885 Commits (2242db5c119a63d93b8d410b13905cbdf9f07c8e)

Author SHA1 Message Date
Amanda Anganes 2f28cf33e7 Changed UserInfo refs in WhitelistedSite to String ids; updated the user approval handler to check if "remember this decision" is checked and only make a new AP if so, and to pull in the scopes selected on the approval page as the saved allowed scopes for that AP.
12 years ago
Amanda Anganes b87d54b06e Changed UserInfo references to String "userId" references
12 years ago
Amanda Anganes 845976b8ac First stages of getting the graylist portion to work. Currently no mechanism for telling the system NOT to remember your decision; that will come later. All approvals will be automatically stored with this code.
12 years ago
Justin Richer 51b8dbe065 Revert "updated jwtHeader typ to use an enum" -- set things back to using a string
13 years ago
Justin Richer 9a7e40fee7 moved all bean definitions to annotations, removed orphaned CheckID view
13 years ago
Justin Richer 1508369548 now with Walsh-flavored certificate generation
13 years ago
Justin Richer 61a8d4a787 x509 take -- bouncycastley version
13 years ago
Amanda Anganes db415bfa2b Working on user approval handler
13 years ago
Amanda Anganes a223565364 updating user approval handler
13 years ago
Amanda Anganes 676808bdac got things to deploy - could not reference UserInfo directly in ApprovedSite and WhitelistedSite; needed to reference DefaultUserInfo instead.
13 years ago
Amanda Anganes 4e10fce7ef Implementing user approval handler; made some modifications to ApprovedSite and WhitelistedSite models, repositories, and service layers.
13 years ago
Amanda Anganes 7c33e19950 Changed authorization endpoint to /authorize rather than /auth; updated SWD entry. Also removed checkid entry from SWD.
13 years ago
Justin Richer 863693cf59 Merge pull request #128 from mtderryberry/jwe-and-jwt-fixes
13 years ago
Amanda Anganes 3982561a5b Removing "throws exception" from views. Addresses issue #70
13 years ago
Amanda Anganes 5cf6359f7d Merge branch 'master' of github.com:mitreid-connect/OpenID-Connect-Java-Spring-Server
13 years ago
Amanda Anganes 686412757f shortened urls
13 years ago
Mike Derryberry 3b2268c622 updated jwtHeader typ to use an enum
13 years ago
Justin Richer 1b5f99efec added .json mapping to SWD
13 years ago
Amanda Anganes 02da9fceed fixed imports
13 years ago
Justin Richer d07667576e cleaned up old code
13 years ago
Justin Richer 40f39a18e0 cleaning up introspection endpoint
13 years ago
Amanda Anganes e7449901a6 Removed IdTokenGeneratorService. Addresses issue #75
13 years ago
Justin Richer ee9288a72a turned down cache in default
13 years ago
Justin Richer c80f7f1fcd removed keystore dependency where it is not needed
13 years ago
Justin Richer 319568d971 refactored JWA algorithm markers to use enum instead of string as stored class
13 years ago
Justin Richer 165f3ea292 fixed some unit tests, broke others
13 years ago
Justin Richer 1f68c835c0 updated openid connect image
13 years ago
Michael Jett 7a3ae5a757 Merge remote branch 'origin/master'
13 years ago
Michael Jett 30addb5439 Redirect URI now displayed on approval page.
13 years ago
Justin Richer 9f16f309bd updated userinfouserdetailsservice to use username instead of userid -- this should actually be a wrapper class though
13 years ago
Justin Richer b0a7ebd9b1 fixed JWK algorithm display
13 years ago
Stephen Moore 84aa451095 Added comment for spring-servlet.xml
13 years ago
Justin Richer 5657bc8f28 updated configuration, confirmed works pending SECOAUTH-299
13 years ago
Justin Richer e5eb2e03d8 added implicit beans
13 years ago
Amanda Anganes 01793ec57f added preferred_username claim to userinfo endpoint
13 years ago
Amanda Anganes 8abbce3a2d fixed broken unit tests - they were pointing to the wrong spring context file;
13 years ago
Amanda Anganes 50241e4da1 changed UserInfo.verified to UserInfo.emailVerified.
13 years ago
Justin Richer 8fe132cb53 formatting
13 years ago
Justin Richer 830e07c35c moved whole configuration from servlet context into application context
13 years ago
Justin Richer dbd563f3f2 attempting to allow make use of SPEL
13 years ago
Justin Richer f0c949fd09 added scope-based filter for userinfo
13 years ago
Justin Richer c619e736f9 removed eclipse files from repository
13 years ago
Justin Richer 5c1b07ae65 don't overwrite an existing JWT nonce
13 years ago
Justin Richer 29731d52f6 Merge branch 'refreshtokens' of file:///home/jricher/Projects/workspace-sts/OpenIDConnect-MITRE/OpenID-Connect-Java-Spring-Server into refreshtokens
13 years ago
Justin Richer de1597b214 refresh token handling fixed, removed token factory references
13 years ago
Michael Jett 0dc568e5d0 Fixed more information link on approval page
13 years ago
Michael Jett a022f4d713 Authorized grant types now supported client-side
13 years ago
Michael Jett bff34f647c Allowing a null value for redirectURIs
13 years ago
Michael Jett 8fbea2516a Updated client side variable names to reflect name changes to access token and refresh token timeout
13 years ago
Amanda Anganes 4e3c99abe4 Merge branch 'validityIntegers'
13 years ago
Amanda Anganes 81d1af40bd Updated our ClientDetailsEntity *TokenTimeout fields to be *ValiditySeconds, which are now typed as proper Integers in the SECOAUTH ClientDetails interface
13 years ago
Michael Jett b6e00b9884 Base white-list functionality and template
13 years ago
Justin Richer 1127a7cfbc refactored JWKs, updated signing servier to use them
13 years ago
Justin Richer adb8499bee merged derryberry code, plus tweaks, still WIP
13 years ago
Amanda Anganes baa7ce5e7b Merge branch 'master' of github.com:mitreid-connect/OpenID-Connect-Java-Spring-Server
13 years ago
Amanda Anganes 2930719700 Added architecture diagram
13 years ago
Mike Derryberry b94fbd7439 updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations
13 years ago
Justin Richer 94256d95a1 added crypto configuration file
13 years ago
Justin Richer a38dc0ce29 added crypto configuration file
13 years ago
Justin Richer fe3bbfb3d5 Further cleanups. Still missing:
13 years ago
Justin Richer b86abdd761 merge from pull request, plus cleanup
13 years ago
Justin Richer 731ad2e2e2 updated SECOAUTH reference, fixed some SQL files, temporarily closed token timeout issue
13 years ago
U-MITRE\mjwalsh f9558f0955 stripped out check id endpoint interaction as it deprecated, refactored nonce checking based on spec change, pull user_id as id_token token claim
13 years ago
Justin Richer ace5dd1f1e imported userinfouserdetails filter from MITRE codebase
13 years ago
Mike Derryberry 65dc3daaf8 smart client
13 years ago
Amanda Anganes 2a05ff995d Added support for additional field in ClientDetailsEntity.java.
13 years ago
Amanda Anganes bbf9591c92 Merge branch 'master' into issue52
13 years ago
Justin Richer c3cffe1eac cleaned up bad config file
13 years ago
Justin Richer 195810fc63 Merge branch 'architecturedocs'
13 years ago
Justin Richer 7a207dc162 Merge branch 'discoveryupdate'
13 years ago
Justin Richer 250e0c730e Merge branch 'jwtupdate'
13 years ago
Justin Richer 7df2663e00 added final slashification of configuration URLs
13 years ago
Justin Richer fbdccdb78e added Xrd support (fixes #63), updated configuration locations (fixes #47)
13 years ago
Justin Richer e44697cef9 updated JWK display to latest, closes #58
13 years ago
Michael Jett 3b4e95ac10 Approval page updates
13 years ago
Michael Jett d424f44b8c Removing some whitespace
13 years ago
Justin Richer 46cd08071d cleaned up sql table references to redirect uris, see #48
13 years ago
Justin Richer 8e33a17307 moved DB schema files up a few levels, fixed test context to point to new locations
13 years ago
Justin Richer 5c72d8b95f revocation endpoint cleanup, still needs views
13 years ago
Justin Richer 27219c066d refactored our service to reflect upstream
13 years ago
Justin Richer e95528a08d added implementation to stub to read an access token by value
13 years ago
Amanda Anganes c89b1814d6 Fixed approve.jsp checkboxes (both had the same name).
13 years ago
Amanda Anganes 8684bb969f Updated approve.jsp with Jett's new code to display some checkboxes. This has been tested, and the additional parameters are persisted correctly and are available to the TokenGranter.
13 years ago
Michael Jett 68483536a6 Approval page updates. Approval and denial buttons are now in one form. Generic checkboxes are in place.
13 years ago
Amanda Anganes 424f8bb737 Refactored to use TokenEnhancer rather than a custom TokenGranter.
13 years ago
nemonik 998fc7f98b cleaned up beans layout
13 years ago
nemonik 8917e75010 see issue #19
13 years ago
Amanda Anganes 16aa0c59b5 Added token enhancer. Now to plug it in.
13 years ago
Amanda Anganes d4e107caf1 updating
13 years ago
Amanda Anganes 2070d2e413 Updated to use AuthorizationRequestFactory rather than ClientCredentialsChecker.
13 years ago
Justin Richer ce847dd4f7 updated poco user view to contain name
13 years ago
Stephen Moore c418ccabb1 Merge branch 'master' into userInfoEndpoint
13 years ago
Stephen Moore 1bff5ef19f Added POCO view, Added UnknownUserInfoScheamException runtime exception
13 years ago
Michael Jett b838ddb786 Client ID display fix
13 years ago
Michael Jett a1d85e281e Client ID now showing on display and edit page
13 years ago
Michael Jett 48ff2d3d77 Merge remote branch 'origin/master'
13 years ago
Michael Jett f8af7bf884 Adding help text for time-out options
13 years ago
Stephen Moore 5c544dfe7c Merge branch 'master' into userInfoEndpoint
13 years ago
Justin Richer 7d4d65c359 Merge branch 'userinfo_integration'
13 years ago
Justin Richer a8e9f1d2cd fixed rendering issues with user info view
13 years ago
Stephen Moore 9612fde10e Check for null address, and added email
13 years ago
Justin Richer 08958d4137 Merge remote-tracking branch 'remotes/steve/userInfoEndpoint' into userinfo_integration
13 years ago
Justin Richer 06fadb5f2b oauth provider configuration started
13 years ago
Stephen Moore 9b03831d4e Filled in the UserInfoEndpoint, and added the JSON view for userInfo (openIdSchema)
13 years ago
Michael Jett 668952ec09 Fixing typo
13 years ago
Michael Jett b59baa09a9 Cleaning up placeholder fields
13 years ago
Michael Jett c85248c40c Editing bug fix for validation
13 years ago
Michael Jett a44dee1fd6 Fixing IE compatibility with saving and editing clients
13 years ago
Michael Jett e5312b4c99 Client secret now editable and dynamically generated if not present
13 years ago
Michael Jett bd054bfd58 Client delete now requires confirmation
13 years ago
Michael Jett 6c8aeba041 Default scope is "openid"
13 years ago
Michael Jett e4f2446569 - no restraints on client name and description (neither of them required)
13 years ago
Michael Jett 51fe98b383 ClientAPI now sets owner for clients
13 years ago
Michael Jett f7a0b8de32 Client scope now supported
13 years ago
Michael Jett a1234a4fcd Timeout form fields now supported. Backbone.JS Validation error handling updates.
13 years ago
Michael Jett 2d980a4d8f Refactoring of routing. Client updates
13 years ago
Michael Joseph Walsh 6f43040587 slight sequence diagrams tweaks, mods to account-chooser and openid-connect-client
13 years ago
Michael Jett b06640c921 First stages of client-side validation worked into application
13 years ago
Michael Jett c45991b561 Adding backbone.js validations framework
13 years ago
Michael Jett 3402a3e463 ClientAPI now fully supports RESTful DELETE
13 years ago
Michael Jett 7f5b9e2c82 ClientAPI now supports DELETE method
13 years ago
Michael Jett abf3f0ec33 Merge remote branch 'origin/master'
13 years ago
Michael Jett af6e043239 Client Entity now initialized with non-null values so JPA won't flip. Added unified method for saving. Sync'd class member names to allow proper binding.
13 years ago
Michael Joseph Walsh 7e3ce2d583 mods to reflect client <-> account chooser protocol, and refactoring...
13 years ago
Michael Jett 0c7ea88323 Client updates.
13 years ago
Michael Jett 0f9b828066 ClientAPI admin requirement now global
13 years ago
Michael Jett 32e67730d8 ClientAPI maps to individual clients by IDs
13 years ago
Michael Jett 6b481cd3bb ClientAPI header updates
13 years ago
Michael Jett a4fc4e939e ClientAPI cleanup
13 years ago
Michael Jett f91071c350 New clients now attempt to POST to client API
13 years ago
Justin Richer 5e81ed6346 added some content to the architecture file
13 years ago
Justin Richer 7375d00e88 added taglib hack
13 years ago
Justin Richer e00bba7ede factored out one more piece of the security config
13 years ago
Stephen Moore fd91c884bb Made interfaces... deleted a thing.
13 years ago
Justin Richer ffe31e6049 merged config from bean config config bean bean
13 years ago
Justin Richer e158ef6fc2 added config bean
13 years ago
Amanda Anganes 95fc66de31 Merge branch 'master' of github.com:jricher/OpenID-Connect-Java-Spring-Server
13 years ago
Amanda Anganes e33f277bbe Updated classes to track newest version of SECOAUTH. This update closes issues #3, #4, #8, and #36 (infinite redirects). This revision changes the authorization and token endpoints to be /openidconnect/auth and /openidconnect/token, respectively.
13 years ago
Michael Jett 9abb15a559 Approval page style upgraded to bootstrap 2 classes
13 years ago
Justin Richer e6f77fd061 Merge branch 'master' of github.com:jricher/OpenID-Connect-Java-Spring-Server
13 years ago
Justin Richer c003bbf2c6 extracted user information from spring servlet config
13 years ago
Michael Jett 4f0ffd872b Removing older version of bootstrap
13 years ago
Michael Jett c8e3f70115 Now requiring homepage login
13 years ago
Michael Jett 7dd81ac2de Server-side dynamics
13 years ago
Michael Jett eb9f2617ba New look
13 years ago
Michael Jett 23fd7b1b21 Renaming Client View class
13 years ago
Michael Jett eda7505b7b Client API now renders JSON for all Clients
13 years ago
Michael Jett ba56c00318 Backbone JS support for creating a new client.
13 years ago
Michael Jett c02bac8c38 New client actions rendered as buttons rather than anchors
13 years ago
Michael Jett 4c503a7f40 Client table now fully rendered client-side with JS templates.
13 years ago
Michael Jett e9954f4439 Bootstrap spelling correction
13 years ago
Michael Jett df174a1695 Test Client JS now valid. App.JS updates
13 years ago
Michael Jett e2e2dfca43 TD now rendered dynamically
13 years ago
Michael Jett 9f979cb742 Views now load after fetching templates
13 years ago
Michael Jett 784fd14917 Client manager now renders views in bootstrap.
13 years ago
Michael Jett 3859429ed6 Client javascript test updates
13 years ago
Michael Jett 5622ccbf41 Removing Javascript CDN. This will fix cross domain issue when requesting JSON objects.
13 years ago
Michael Jett 0134c4ea96 Merge remote branch 'origin/master'
13 years ago
Michael Jett df67c23dba Removing Resig templating. Backbone.js provides template support.
13 years ago
Justin Richer 97dffb6414 added copyright to all java files. closes #11
13 years ago
Justin Richer 6724866099 moved jwt components, utilities, and various interfaces to -common from -server
13 years ago
Justin Richer 59ecb03548 added getter/setter for userinforepository, closes #40
13 years ago
Michael Jett 37452f4bb5 Client side JS updates
13 years ago
Michael Jett c98204e705 Renamed mockup directory
13 years ago
Michael Jett d1a773d512 Client backbone.js Model initial commit
13 years ago
Michael Jett 181b0ce605 Removing unneeded div el
13 years ago
Michael Jett 703a8abab5 client management now bootstrap 2 compatible
13 years ago
Michael Jett 57ebb7d287 Adding global JS to template
13 years ago
Michael Jett 897e6e85d3 Removing inline client editing popup
13 years ago
Michael Jett 2573c98c2d Re-write of base template using bootstrap 2
13 years ago
Michael Jett b38c8c18d6 Edit form mock-up updates. Organized forms and input.
13 years ago
Michael Jett 51b8650327 Bootstrap 2 html test updates - removing compile javascript
13 years ago
Amanda Anganes 2e4f312f79 Fixed tests - they were pointing to the wrong context file.
13 years ago
Amanda Anganes a9088b4999 Merge branch 'Single_Spring_Context_file'
13 years ago
Amanda Anganes 07a305b8b7 Refactored code to use a single spring context file. This uses the default oauth/authorize and oauth/token URLs, but it seems to be free of the infinite redirect issue. Next up: try putting in our custom URLs.
13 years ago
Michael Jett 8ab1fc1b60 Bootstrap 2 html tests
13 years ago
Michael Jett 9c86a23ee1 Bootstrap 2
13 years ago
Michael Jett ed304fa391 Edit client mock-up.
13 years ago
Michael Jett c4edd7111e Breadcrumb tag renders "crumb" attribute
13 years ago
Michael Jett dc42eb7789 Client management page now renders test JSON
13 years ago
Justin Richer 59078cc68d eclipse updates from maven
13 years ago
Amanda Anganes 6899a16c2f Merge branch 'Really_fixing_redirects'
13 years ago
Amanda Anganes 5d78bc4e0a Infinite redirect issue fully fixed, with our custom urls for the authorization and token endpoints. See issue #8.
13 years ago
Amanda Anganes 67edc1c191 Seems to be fixed! Added the "security:" prefix to the first http block in application-context. The compiler should have been catching that there was no matching for http w/o it, but it was just letting it through.
13 years ago
Justin Richer 05b2cf8fff removed vestigial user details code
13 years ago
Amanda Anganes f0f339d45f current state
13 years ago
nemonik 6eb8284695 version needed to be modified to 0.1-SNAPSHOT in order to deploy snapshot to nexus
13 years ago
Amanda Anganes 69dc1fe361 Removing our custom authorization endpoint and token endpoint urls, as well as the filter required by those custom urls (in web.xml), fixes the infinite redirect problem. This has been submitted as an issue to the SECOAUTH team.
13 years ago
Amanda Anganes 2fc4ce177c This commit fixes the infinite redirect, somewhat. See updated issue #8.
13 years ago
Amanda Anganes 17f6e2a2fb Removed tables.sql.
13 years ago
Amanda Anganes 486b7723d3 Merge branch 'master' of github.com:jricher/OpenID-Connect-Java-Spring-Server
13 years ago
Amanda Anganes 269a354f8c Added tables.sql, which is just a concatenation of all the other sql files. Added redirect_uris.sql, which is a NEW table needed to support clients registering multiple redirect uris.
13 years ago
nemonik d056079fea Support for ECDSA JWT signer was removed as it would require the system-wide installation and configuration of the Bouncy Castle Security Provider in order for the server to work when deployed to Tomcat. See issue ticket #20
13 years ago
Amanda Anganes 14f6eca026 Merge branch 'fixing_redirects'
13 years ago
Amanda Anganes 5b09c93024 Cleaned up the context files a bit, no big changes yet.
13 years ago
Justin Richer eabc49cb01 fixed documentation, included python source to generate signature
13 years ago
Justin Richer c21607dcbe fixed hmac unit test after signature base string was fixed in underlying code
13 years ago
nemonik 6c8661f3ad the signature base created in the verify method of the AbstractJwtSigner did not match how the Jwt.getSignatureBase creates the signature base. also, modified the testGenerateHmacSignature to exercise
13 years ago
nemonik 267f1b2de3 bas64 decoded signature prior to verifying, modified unit rsa unit test, and fixed ecdsa signer verify
13 years ago
Justin Richer 985a4619fa abstracted keystore loader to new function
13 years ago
Justin Richer 3dfe6df410 refactored algorithms out to their own separate Enum
13 years ago
Justin Richer fec6a3a876 removed definition parsers, may be picked up again later
13 years ago
Amanda Anganes b986b30695 Fixed unit tests - they were broken due to an error in application-context.xml; not because of the refactor. App context was trying to instantiate an Hmac signer with name "HMACSHA256", which should have been "HS256". I updated the exceptions thrown by the signer impls so that if an Algorithm name mismatch occurs it will tell you what it is trying to match against.
13 years ago
nemonik 0a29eba617 unit test correction, slight refactor of tested classes
13 years ago
nemonik 1209e9a83f fix to JwtTest unit test
13 years ago
nemonik f215cfc50c fix for issue 5, code refactoring across signers
13 years ago
nemonik 4f407a3a11 added rsa1024 key to keystore
13 years ago
Stephen Moore 1a1ae4c5b5 Removed Replacer plugin
13 years ago
Amanda Anganes c50f968748 Merged to use idToken.setNonce().
13 years ago
Amanda Anganes 268b82e31d Merge branch 'Branch_master3-23-2012'
13 years ago
Amanda Anganes 8b10b83516 Added setNonce to JwtClaims.
13 years ago
Justin Richer 34f24deb3e Merge branch 'mitreaccounts'
13 years ago
Justin Richer 4a15e51e12 pass through nonce
13 years ago
Justin Richer 6c3552ebfa changed mitre account names
13 years ago
U-MITRE\mjwalsh b4836a0302 mods to auth filter including config comments, http socket time out...
13 years ago
Amanda Anganes 27fe3c9eca Implemented signing. Works, but validation does not fail if you remove the signature.
13 years ago
Amanda Anganes 68c8d1a9d2 Changed parameter for check id endpoint to access_token instead of auth_token
13 years ago
Justin Richer 826be5a1a1 changed parameter name to match spec change
13 years ago
Justin Richer 5fe036878a fixed view for idtoken in checkid endpoint
13 years ago
Justin Richer c51bb72fe5 merged keystore changes
13 years ago
Justin Richer 6c01134095 JWK display support for key maps, still no key ids
13 years ago
Amanda Anganes 776748f908 Merge branch '3-22-2012'
13 years ago
Amanda Anganes ae9b5e792a Added a ConfigurationPropertiesBean.java to hold configuration properties. Fixed up CheckIDEndpoint.java a bit - it works, but is outputting the wrong thing.
13 years ago
Justin Richer d5e7000365 disabled custom namespace parsers for keystores
13 years ago
Justin Richer 524a8e153e signers turned into a map
13 years ago
Justin Richer 664dd1df46 JWT claims can now have nulls in them without barfing
13 years ago
Justin Richer c59d3fe963 it spits out JWTs! and id tokens! JWT still needs to handle nulls
13 years ago
Amanda Anganes ebe72412fe Authorization Grant flow works up to serializing the returned Access Token. Justin is investigating serialization problems.
13 years ago
Amanda Anganes d94eb338ee Auth code flow works through user approval page. Current problem is that it doesn't seem to be matching up auth codes correctly (I keep getting "invalid code" error). But, it looks like it's going through our custom token granter so that is good.
13 years ago
Justin Richer 8263ce0dd5 added external class to persistence context
13 years ago
Justin Richer b463cabc69 fixed configuration, moved sql file
13 years ago
Justin Richer 2f29cc52b2 Merge branch 'client_refactor'
13 years ago
Justin Richer baf7c1c166 fixed dependencies and project configurations
13 years ago
Justin Richer e6e7504213 added files and shuffled things to new packages
13 years ago
Justin Richer a0cdd8bf2f moved server to new package location
13 years ago